Follow

How do I Configure the AuthAnvil RADIUS Server to work with NPS?

Configuring NPS to support RADIUS Authentication

Step 1 - Go to the Start Menu and click on ‘Administrative Tools’

Step 2 - Go to ‘Network Policy Server’ (NPS)

10

Step 3 – Expand ‘RADIUS Clients and Servers’

Step 4 - Highlight ‘Remote RADIUS Server Groups’ and right click > ‘New’

4

Step 5 – Name the group, then click ‘Add’ to add a radius server

5

Step 6 - Type in the Address of the AuthAnvil Radius Server.

6

Step 7 - Click on the ‘Authentication/Accounting’ tab to configure the RADIUS Server options.

7

Step 8 – Type in the Shared Secret that has been configured on the AuthAnvil Radius Server.

Step 9 – Click on the ‘Load Balancing’ tab to configure the RADIUS timeout.

image

Step 10 – Under ‘Advanced Settings’, set ‘Number of seconds without response before request is considered dropped’ from the default of 3 to a higher value, (10 seconds or higher is recommended), and click ‘OK’.

Step 11 – Click ‘OK’ to create the RADIUS server group.

Step 12 - Expand ‘Policies’, then ‘Connection Request Policies’.

8

Step 13 – Right click on ‘Virtual Private Network (VPN) Access Policy’ > click ‘Properties’

Step 14 – Click on the ‘Settings’ tab, then click ‘Authentication’

9

Step 15 – Select ‘Forward requests to the following remote RADIUS server group for authentication’ and select the RADIUS server group that you created from the list.

Step 16 – Click ‘OK’

Step 17 – Repeat steps 12 – 16 for all other policies with the source ‘Remote Access Server (VPN-Dial up)’

Step 18 - Click ‘Network Policies’, then highlight ‘Virtual Private Network (VPN) Access Policy’ and right click ‘Properties’.

12

Step 19 - Click on the ‘Constraints’ tab, then click ‘Authentication Methods’

11

Step 20 – Deselect all methods except ‘Microsoft Encrypted Authentication version 2 (MSCHAP-v2)’ and ‘User can change password after it has expired’, then click ‘OK’

Step 21 – Restart the NPS service by highlighting ‘NPS’ and right click > ‘Stop NPS Service’, then right click > ‘Start NPS Service’

10


Configuring the PPTP VPN Client for Windows XP

Note: As of April 8, 2014 Windows XP is no longer being supported

First you will need to ensure your VPN connection is set to require MSCHAP2. You can do so by following these steps:

Step 1 - Double click on the VPN connection and go to ‘Properties’, then ‘Options”. Ensure ‘Include logon domain’ is unchecked.

Step 2 - Go to the Security tab, set the ‘‘Security Options’ to ‘Advanced’ and click the ‘Settings’ button.

Step 3 – Ensure that ‘Data Encryption’ is set to ‘Require data encryption’, and that under ‘Allow these protocols’, only the ‘MS-CHAP v2′ check box is enabled and click‘OK’, then click ‘OK’ again.

image

Step 4 - Enter the username into the ‘Username’ field and the AuthAnvil passcode (PIN + OTP) into the ‘Password’ field. Click “Connect” to establish a VPN connection using strong authentication.



Configuring the PPTP VPN Client for Windows Vista/7

First you will need to ensure your VPN connection is set to require MSCHAP2. You can do so by following these steps:

Step 1 - Double click on the VPN connection and go to ‘Properties’, then ‘Options”. Ensure ‘Include logon domain’ is unchecked.

Step 2 - Go to the Security tab and ensure that the ‘Type of VPN’ is set to ‘PPTP’ selected, and ‘Data Encryption’ is set to ‘Require data encryption’, and that under ‘Allow these protocols’, only the ‘MS-CHAP v2′ check box is enabled and click ‘OK’.

image

Step 3 - Enter the username into the ‘Username’ field and the AuthAnvil passcode (PIN + OTP) into the ‘Password’ field. Click “Connect” to establish a VPN connection using strong authentication.

 

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk